Security Incidents mailing list archives
Re: Oversized packets
From: kaos () OCS COM AU (Keith Owens)
Date: Sun, 7 May 2000 11:29:31 +1000
On Thu, 4 May 2000 23:14:58 -0300, Paulo Ribeiro <prrar () NITNET COM BR> wrote:
May 1 13:19:00 slack kernel: Oversized packet received from 44.226.139.125 May 1 13:19:00 slack kernel: Oversized packet received from 96.57.171.73
It could be packet corruption on your incoming connection but it is more likely to be the Ping of Death attack. If the messages occur in the middle of normal sessions from those addresses then suspect hardware and/or software problems. If the packets are isolated, suspect Ping of Death. For PoD it is very likely that the IP address is forged.
Current thread:
- amd exploit(ed)?, (continued)
- amd exploit(ed)? Paulo Ribeiro (May 07)
- Re: amd exploit(ed)? Mike Murray (May 08)
- Re: amd exploit(ed)? Erich Meier (May 09)
- Re: amd exploit(ed)? Jim Zajkowski (May 09)
- Re: odd message showing up logs... Robert Graham (May 07)
- Port 109 Scans Eric Maiwald (May 04)
- Re: Port 109 Scans Stone (May 06)
- Re: Lots netbios scans (udp 137) Erich Meier (May 04)
- Re: Lots netbios scans (udp 137) Greg A. Woods (May 04)
- Oversized packets Paulo Ribeiro (May 04)
- Re: Oversized packets Keith Owens (May 06)